<?php
session_start();
include "connectsql.php";

if (isset($_SESSION["ceo"]) && $_SESSION["ceo"] == true) {
	$manager = $_SESSION["manager"];
} else {
	die (ECHO_ERROR);	
}

if (isset($_REQUEST["file"])) {
	$filename = $_REQUEST["file"];
	if ($filename == "") {
		die (ECHO_ERROR);
	}
} else {
	die (ECHO_ERROR);
}

$filepath = "upload/".md5($manager.DB_PWD.$manager)."/";

if (substr($filename, -4) == ".zip" && file_exists($filepath.$filename)) {
	$filenamelen = strlen($filename);
	$filenamefolder = substr($filename, 0, $filenamelen - 4);	
	$resource = zip_open($filepath.$filename);
	while ($zip = zip_read($resource)) {
		if (zip_entry_open($resource, $zip)) {
			$zipfilename = zip_entry_name($zip);//获得文件名，mac压缩成zip，解压需要过滤资源库隐藏文件
			if ($zipfilename == false || strrpos($zipfilename, '/') != 0) {//null or dir
				zip_entry_close($zip);
				continue;
			}			
			
			$zipfilepath = $filepath.$filenamefolder."/".$zipfilename;//path
			$zipfilesize = zip_entry_filesize($zip);//size
			do {
				if (file_exists($zipfilepath)) {
        	$filesize = filesize($zipfilepath);
        	if ($filesize == $zipfilesize) {
        		break;
        	} else {
        		unlink($zipfilepath);
        	}
				}
				$zipfilecontext = zip_entry_read($zip, $zipfilesize);//context
				file_put_contents($zipfilepath, $zipfilecontext);		
			} while (0);
			zip_entry_close($zip);
		}
	}
	zip_close($resource);
	if (file_exists($filepath.$filenamefolder."/content.xml")) {
		$md5file = md5_file($filepath.$filenamefolder."/content.xml");
		$filesize = filesize($filepath.$filenamefolder."/content.xml");
		$sql = "delete from ".SetDB_FILE_TAB($manager)." where `filename` = '".$filenamefolder.".xml'";
		mysqli_query($link, $sql) or die(ECHO_MYSQL_ERROR_QUERY_TABLE_TO_DEL);
		$sql = "insert into ".SetDB_FILE_TAB($manager)." (`filename`,`size`,`md5`,`extrainfo`,`encrypt`) values ('".$filenamefolder.".xml','".$filesize."','".$md5file."','0','0')";
		mysqli_query($link, $sql) or die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_INSERT);
		echo "ok";
		return;
	}
}
echo "error";
?>